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SYSTEM, METHOD. AND ARTT CLE OF MANUFACTURE 

FOR IDENTIFYING AN INDTVTDITAI, AND MANArmvjr; 

AN INDTVIDUAL'S HEALT H RECORDS 

RELATED APPLI C ATTON 

The present application claims the benefit of U.S. provisional application no. 
60/149,910, filed August 23, 1999, and also is a continuation-in-part of U.S. non- 
provisional application no. 09/604,727, filed June 28, 2000. The content of all the 
aforesaid applications are relied upon and expressly incorporated herein by reference. 

BACKGROUND OF THE INVENTION 

A. Field of the Invention 

The present invention relates to the healthcare industry, and more particularly, 
to a system, method, and article of manufacture for identifying an individual and 
managing an individual's health records. 



B. Description of the Related Art 

In the healthcare industry, identifying an individual and managing an 
individual's health records are important tasks for obvious reasons. For example, in 
an emergency, a provider, such as a hospital, may need to access an individual's health 
records to determine if the individual is allergic to a drug. Managing includes, but is 
not limited to, obtaining, accessing, and updating an individual's records. Identifying 
an individual and/or managing an individual's health records, however, is difficult, 
costly, and time-consuming with the currently available mechanisms. 
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For example, most providers require an individual to complete a lengthy form 

to obtain personal information, such as payer information, and personal health history 
or record, a process which is both time-consuming and costly, both for the individual 
who is seeking health services and for the provider. Moreover, if an individual 
changes providers, the individual will need to complete another form for the new 
provider. In addition, in some instances, because of an individual's unfamiliarity with 
medical terms, an individual may not be able to provide information, such as tests 
performed, to a new provider. As a result, the new provider may perform a test again, 
a process which may result in additional costs for the payer, such as an insurance 
company. 

Moreover, in an emergency, as described above, a provider may not be able to 
quickly access an individual's health records to determine, for example, if the 
individual is allergic to a particular drug. 

Furthermore, in some cases, an individual may fraudulently use a relative's 
payer card, such as an insurance card, to obtain healthcare services from a provider. 
Since most providers do not compare an individual's identity with the payer card, an 
individual may present a relative's payer card to a provider and receive health services 
from the provider. The provider may charge the payer associated with the payer card 
for the services rendered and the payer may in turn pay the provider. This results in 
fraud, which if not detected, may result in additional costs for the payer. 

Accordingly, there is presently a need for a system, method, and article of 
manufacture for identifying an individual and managing an individual's health records 
easily, quickly, and in a cost-effective manner. 
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SUMMARY OF THE INVENTION 

The present invention provides a method, system, and article of manufacture 
for identifying an individual and managing health records of the individual. The 
method includes storing health data of an individual on a storage medium. The 
method also includes logging into the storage medium to manage the health data 
stored on the storage medium and managing the health data on the storage medium. 

The present invention also includes a system for identifying an individual and 
managing health records of the individual. The system includes means for storing 
health data of an individual on a storage medium. The system also includes means for 
logging into the storage medium to manage the health data stored on the storage 
medium and means for managing the health data on the storage medium. 

Moreover, the present invention provides a computer-readable medium 
containing instructions for causing a computer to perform a method for identifying an 
individual and managing health records of the individual. The method includes 
storing health data of an individual on a storage medium. The method also includes 
logging into the storage medium to manage the health data stored on the storage 
medium and managing the health data on the storage medium. 

BRIEF DESCRIPTION OF THE DRAWINGS 

The accompanying drawings are incorporated in and constitute a part of this 
specification and, together with the description, explain the advantages and principles 
of the invention. In the drawings, 

FIG. 1 is a diagram of an exemplary network environment in which features of 
the present invention may be implemented; 
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FIG. 2 is an exemplary block diagram illustrating components of the client 

terminal 1 02 that is shown in FIG. 1 ; 

FIG. 3 is an exemplary block diagram illustrating components of the health 

management system 106 that is shown in FIG. 1; 

FIG. 4 is an exemplary flowchart illustrating the steps involved in enrolling an 
individual with a payer plan;; 

FIG. 5 is an exemplary flowchart illustrating the steps involved in using a 
storage medium, such as a card, in accordance with the present invention; 

FIG. 6 is an exemplary block diagram illustrating components of a provider 
terminal; and 

FIG. 7 is another diagram of an exemplary network environment in which 
features of the present invention may be implemented. 

DETAILED DESCmPTTON 

The following detailed description of the invention refers to the accompanying 
drawings. While the description includes exemplary embodiments, other 
embodiments are possible, and changes may be made to the embodiments described 
without departing from the spirit and scope of the invention. The following detailed 
description does not limit the invention. Instead, the scope of the invention is defined 
by the appended claims and their equivalents. 

The present invention provides a system, method, and article of manufacture to 
identify an individual and to manage an individual's health records easily, quickly, and 
in a cost-effective manner. For example, with the use of the present invention, an 
individual may store his personal and health information on a storage medium, such as 
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a smart card. While stored on the card, the information also may be encrypted. The 

individual may take the card to a provider, who may retrieve or update the information 

on the card. To retrieve the information, the provider may require the individual to 

authenticate. Authentication may include, but is not limited to, the use of a biometric 

and/or a user name and password. Biometric authentication includes the use of unique 

physical characteristics of a user, such as fingerprint patterns, voice, eyes, face, hand, 

etc., to confirm the identity of an individual. In addition, the card may be used for 

other purposes, for example, as a credit card or an access card to enter a building, for 

example. 

The above example is intended to be illustrative of the features of the present 
invention as opposed to limiting it in any manner. Moreover, the system, method, and 
article of manufacture are not limited to any particular provider, payer, or individual. 
A provider is anyone who provides healthcare services and may include, but is not 
limited to, a doctor, a hospital, a laboratory, or a pharmacy. A payer is anyone who 
pays for healthcare services, for example, an insurance company. An individual may 
include, but is not limited to, an employee of an organization. An organization may 
include, but is not limited to, a business, a government entity, and a non-profit 
organization. 

The above-noted features, other aspects, and principles of the present 
invention may be implemented in various system or network configurations to provide 
automated and computational tools to identify an individual and to manage an 
individual's health records. Such configurations and applications may be specially 
constructed for performing the various processes and operations of the invention or 
they may include a general purpose computer or computing platform selectively 
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activated or reconfigured by program code to provide the necessary functionality. The 

processes disclosed herein are not inherently related to any particular computer or 
other apparatus, and may be implemented by a suitable combination of hardware, 
software, and/or firmware. For example, various general purpose machines may be 
used with programs written in accordance with teachings of the invention, or it may be 
more convenient to construct a specialized apparatus or system to perform the 
required methods and techniques. 

The present invention also relates to computer readable media that include 
program instruction or program code for performing various computer-implemented 
operations based on the methods and processes of the invention. The media and 
program instructions may be those specially designed and constructed for the purposes 
of the invention, or they may be of the kind well-known and available to those having 
skill in the computer software arts. The media may take many forms including, but 
not limited to, non-volatile media, volatile media, and transmission media. Non- 
volatile media includes, for example, optical or magnetic disks. Volatile media 
includes, for example, dynamic memory. Transmission media includes, for example, 
coaxial cables, copper wire, and fiber optics. Transmission media can also take the 
form of acoustic or light waves, such as those generated during radio-wave and infra- 
red data communications. Examples of program instructions include both machine 
code, such as produced by compiler, and files containing a high level code that can be 
executed by the computer using an interpreter. 

FIG. 1 is a diagram of an exemplary network environment in which features of 
the present invention may be implemented. The network environment includes client 
terminal 102 and health management system 106, which are interconnected by 
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network 104. Network 104 may be a single or a combination of any type of computer 

network, such as the Internet, an Intranet, an Extranet, a Local Area Network (LAN), 
or a Wide Area Network (WAN), for example. These as well as other network 
configurations are known to those skilled in the art and are also within the scope of 
the present invention. For example, the use of the Internet and specifically, the World 
Wide Web ("Web") is widely known. The web is a distributed system that includes 
web servers and web clients. Web servers are software applications that support 
common protocols, such as Hypertext Transport Protocol (HTTP). Moreover, these 
web servers make documents, such as documents in hypertext mark up language 
(HTML), and other resources available to users via web pages. Web clients include 
software applications, such as a browser, which a user uses to access a web page, for 
example. 

Moreover, while the components of FIG. 1 are shown as logical devices, one 
skilled in the art would readily understand that each is associated with respective 
physical devices. For example, client terminal 102 may be a physical device, such as 
a personal computer, a handheld computer, a laptop, or any similar device known to 
those skilled in the art. 

As shown in FIG. 2, the client terminal 102 may include a browser 210, such 
as a world wide web browser like NETSCAPE NAVIGATOR and/or INTERNET 
EXPLORER; other software and data storage 220; at least one input device 230, such 
as a keyboard or a mouse; at least one communications device 240, such as a modem 
or a network interface card (NIC); at least one processor 260; memory 250; and at 
least one output device 270, such as a monitor; all of which may communicate with 
each other, for example via a communication bus 280. The client terminal 102 also 
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may include a reading and writing device 290, such as a device for reading and writing 

to a smart card, and/or a biometric device 295. The biometric device 295 may be, for 

example, a finger scanner that is used to scan an individual's fingerprint pattern for 

authentication purposes. The memory 250 may be random access memory (RAM), 

read only memory, or both. Other client terminals and their components are known to 

those skilled in the art and are also within the scope of the present invention. For 

example, it is known to one skilled in the art that in order for the biometric device 295 

to interface with the client 102, software drivers may be needed. 

Health management system 106 shown in FIG. 1 will be described now. As 

shown in FIG. 3, the health management system 106 includes a web server 305 and a 

storage server 335, which are connected to each other via a non-routed network 330, 

such as a non-routed LAN. The web server 305 includes authentication component 

310, certificate component 315, health management component 320, and auditing and 

reporting component 325. The storage server 335 may include a database 340 and an 

audit log 345. The data associated with an individual is stored in the database 340. 

Since, the non-routed network 330 may not be accessed directly from the network 

104, such as the Internet, this provides a more secure computing environment because 

unauthorized individuals will not be able to gain access to the database 335 and audit 

log 345. Although not shown, both the web server 305 and the storage server 335 also 

may have an administration component for administering the various components. 

Moreover, in FIG. 3, the various components are shown to exist on a single web 

server 305 and a single storage server 335; however, it is known to one skilled in the 

art that these components may exist on multiple servers to assist in load balancing, for 

example. 
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Each of the components shown in FIGs. 1-3 may use various protocols to 
communicate with each other. In addition, the communication between the various 
components may be encrypted. For example, the client 102 may communicate with 
the web server 305, for example, by using the Hypertext Transport Protocol (HTTP) 
protocol. CORBA's (Common Object Request Broker Architecture) IIOP (Internet 
Inter-Object Request Broker Protocol) may also be used. Moreover, the secure 
sockets layer (SSL) also may be used, both as a protocol and encryption. For 
example, 128 bit SSL encryption may be used. Other encryption algorithms, such as 
the Blowfish 448-Bit encryption algorithm, may be used. These and other similar 
protocols and encryption algorithms are known to those skilled in the art and are also 
within the scope of the present invention. 

The components shown in FIG. 3 will be described now. The authentication 
component 310 performs all authentication related functions. The authentication 
component 3 10 is transparent to an individual. The authentication component 310 
may use, for example, a user name and authentication token. Authentication token 
may include any authentication means known to those skilled in the art. For example, 
authentication token may include a biometric; an access card, such as a smart card; 
and/or a password. As a result of authentication tokens, such as biometric 
authentication, the present invention creates a secure computing environment. 

The certificate component 315 shown in FIG. 3 will be described now. The 
certificate component 315 manages certificate issuance and storage. The certificate 
component 315 is not a certificate authority (CA). Instead, the certificate component 
315 may request, renew, revoke and validate standard certificates, such as X.509v3 
certificates, through a recognized certificate authority. For example, in FIG. 3, 
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SUBSTITUTE SHEET (RULE 26) 



WO 01/14974 PCT/USOO/23028 
certificate authority 350 may be used as the certificate authority. Ail interaction with 

the certificate authority may be based on, for example, public-key cryptography 

standards (PKCS) and as a result, the present invention may be compliant with all 

PKCS compliant certificate authorities. In one embodiment of the present invention, 

the private key associated with a certificate may be stored on an individual's card, such 

as a smart card. This allows for greater mobility. The process of storing the private 

key will be described later. 

The auditing and reporting component 325 shown in FIG. 3 will be described 
now. The auditing and reporting component 325 may provide an interface to all of the 
other components shown in FIG. 3 in order to provide report information on selected 
or all data fields. Access to the reports themselves may be audited and restricted to 
authorized individuals, such as administrators, who have successfully authenticated 
into the health management system 106. For example, when an individual attempts to 
access a report, the individual may be required to enter a user name and an 
authentication token. After the individual provides the requested information and 
after the information has been verified, the individual may be given access to the 
report. In one embodiment, the auditing and reporting component 325 may provide e- 
mail alerts to administrators. These alerts may notify the administrator, for example, 
of repeated authentication failures. 

As described in the foregoing description, the present invention provides an 
individual with a storage medium, such as a smart card, for use as a payer card. The 
smart card may have the individual's personal as well as health information stored on 
it, which may be later retrieved by a provider, for example. Normally, an individual 
enrolls in a payer plan, such as a health insurance plan, through an enroller. An 
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enroller may be the individual's employer, a broker, or the payer itself. The process of 

enrolling with a payer, obtaining a card, and storing information on the card will be 
described now by referring to FIG. 4. 

As indicated by a step 405 in FIG. 4, the enroller, such as an employer or a 
broker, authorizes an individual to enroll in a payer plan. Next, in a step 410, the 
enroller establishes an account for the individual in the health management system 
106. The account may include a user name and an authentication token, for example. 
The authentication token may be a password or a biometric. Instead of establishing an 
individual account, the enroller may assign the same account to all individuals and 
once logged into the health management system 106, the individuals may be required 
to establish separate accounts. 

Then, in a step 415, the individual uses the account information and client 102 
to login to the health management system 106. For example, the individual may use 
the communications device 240 to connect to the Internet and then, use the browser 
210 to go to the web site associated with the health management system 106. The 
enroller may provide the address of the web site to the individual in step 410, for 
example. The authentication component 310 may ask the individual to enter account 
information, such as a user name and an authentication token. Once the individual 
provides that information, the authentication component 310 may compare this 
information to the information stored in database 340. The process of establishing 
accounts and authenticating using a configuration similar to the one shown in FIG. 1 
is described in detail in the related U.S. non-provisional application no. 09/604,727, 
filed June 28, 2000, which is expressly incorporated herein by reference. 

After logging into the health management system 106, the health management 
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component 320 may present web pages, such as a web enrollment form or application, 
asking the individual for enrollment information, as indicated by a step 420. Some of 
the enrollment information on the form may be already filled in depending on, for 
example, whether the enroller established an individual account for the individual. If 
some or all the enrollment information is already filled in the form, the individual may 
be asked to verify this information and correct it if necessary. The enrollment 
information may include, but is not limited to, the individual's name, address, date of 
birth, social security number, information about spouse and children, information 
about the payer plan that the individual desires to enroll in, and information about the 
individual's primary physician and dentist, for example. In addition, the enrollment 
information may also include employer information if the individual is enrolling 
through an employer, for example. In step 420, an account, if one already does not 
exist, may be created for the individual. The account information is stored in the 
database 340. 

Next, in a step 425, the enrollment information is stored in the database 340 
and sent to the payer. The information may be sent in a variety of ways. For example, 
the information may be sent electronically, such as via e-mail, or manually, such as 
via U.S. mail. If the information is sent electronically, the health management system 
106 may generate an e-mail and send it via network 104 to the payer. These and other 
ways of sending information are known to one skilled in the art and are also within the 
scope of the present invention. 

Upon receipt of the information from the health management system 106, the 
payer may enroll the individual in the payer plan selected by the individual, as shown 
in a step 430. Although not shown in FIG. 4, if there are any problems with enrolling 
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the individual, the payer may contact the enroller, for example, to resolve the 

problems. After enrolling the individual, the payer may send an acknowledgment to 
the health management system 106, as indicated by a step 435. The acknowledgment 
may indicate, for example, acceptance or denial of the individual's application, or may 
ask for additional information. The acknowledgment may also include the 
individual's account or identification number that is associated with the payer. This 
account number may also be stored in the individual's account in the database 340. If 
the acknowledgment asks for additional information, the additional information may 
be provided to the payer to complete the enrollment process. 

The health management system 1 06 may be operated and/or owned by a 
independent third party, enroller, or a payer. For example, if the system 106 is 
operated by a third party or a payer, the system 106 may send acknowledgment to the 
enroller, who may in turn send an acknowledgment to the individual, for example, 
after receiving acknowledgment from the payer. On the other hand, if the system 106 
is operated by the enroller, only an acknowledgment to the individual may be 
necessary. 

Once an acknowledgment is received, the health management system 106 may 
send some or all of the enrollment information, such as the individual's name, and 
payer information, such as account information and payer name, to a card issuer for 
issuance of a card. The card may include, but is not limited to, a smart card or a card 
with a magnetic stripe. In addition, as described in the foregoing description, the card 
of the present invention may be used for multiple purposes, for example, both as a 
payer card and a credit card. Consequently, if the card will be used as a credit card 
also, the enrollment and the payer information may be sent to a credit card issuer in 
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step 440. If the card also will be used as a credit card, for example, the individual also 

may need to provide salary information to the credit card company. The use of the 

card is not limited to a credit card only, other uses will be apparent to one skilled in 

the art and such uses are also within the scope of the present invention. For example, 

the card may be used for entry into the individual's employer's building, as a library 

card, or a copy card. Moreover, the card may be issued by the enroller or the payer. 

Next, in a step 445, the card issuer may issue the card to the individual. 
Although not shown in FIG. 4, if the card issuer needs to verify information or needs 
additional information, the card issuer may ask for additional information from the 
health management system 1 06, for example. The transfer of information between the 
card issuer may be accomplished in a manner similar to transfer of information 
between the payer and the health management system 106. 

Then, in a step 450, after receiving the card, the individual may login to the 
health management system 106 using client 102, for example, to activate the card. 
Once logged in, the individual may select the option of completing the enrollment 
process, for example, as shown in a step 455. The health management component 320 
may present a web page asking the individual for information regarding the 
individual's health. For example, the component 320 may ask the individual for the 
individual's health history and information about any drugs that the individual is 
allergic to. Some or all of the individual's enrollment, payer, and health information 
may be downloaded to the card in this step for retrieval and update by a provider, for 
example. In this step, the individual, the enroller, or the payer also may be given the 
option of selecting the information that needs to be stored on the card and the means 
of accessing that information. For example, in one embodiment, the individual's 
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information may be divided and stored on the card in two categories, public and 
private information. The public information may include, for example, the 
individual's name and address, etc., whereas the private information may include, for 
example, payer information and the individual's health history. The public 
information may be retrieved from the individual's card by just inserting the card in 
device, such as a reading and writing device. On the other hand, the private 
information may be stored in an encrypted manner on the card and may be only 
accessed after authentication. For example, the individual may need to authenticate to 
the card before the private information may be retrieved. 

To provide authentication, the health management component 320 may ask the 
individual for a user name and an authentication token, for example, which may be 
stored on the card in step 455. The authentication token may include a biometric or a 
password, for example. The health management component 320 may ask the 
individual to place the individual's finger on the biometric device 295. After scanning 
the individual's fingerprint pattern, the image of the finger may be converted into an 
authentication token and stored on the card and the database 340. As a result, if a 
provider, such as a doctor, wants to access the private information, for example, the 
individual may need to login to his card before the provider can get access to this 
private information. 

In addition to authentication, the private information also may be encrypted. 
For example, in step 455, the certificate component 315 may request a certificate from 
the certificate authority 350. Once a certificate is issued, the certificate component 
3 1 5 may store the private key associated with the certificate on the card and in the 
database 340. The private key is stored in the database 340 in case the individual 
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losses his card and a new card needs to be issued to the individual. As a result, when 

the information is being transferred to the card, some or all of the information, such as 

the private information, may be encrypted by the private key and then, stored on the 

card. As a result, if a provider, such as doctor, wants access to the private 

information, for example, the individual may need to login to his card to retrieve the 

private key so that the individual's information may be decrypted by using the private 

key and presented to the provider. Consequently, the present invention secures an 

individual's personal information and provides access to this information only after 

authentication by the individual. 

Once the information is downloaded on the card, a message may be sent both 
to the payer and the card issuer, to let them know that the card has been received and 
to activate the card., as indicated in a step 460. The message may be, for example, 
digitally signed using the individual's private key. After the message is sent, the 
individual is ready to use the card, and the enrollment process is complete, as 
indicated by a step 465. The above process is intended to be illustrative of the 
features of the present invention as opposed to limiting it in any manner. For 
example, the steps do not have to be performed in the described order. 

An example and FIG. 5 will be used now to describe the process of using a 
card of the present invention. In this example, it is assumed that an individual desires 
to visit a provider, such as a doctor. The provider may have a provider terminal 
similar to the client terminal 102 shown in FIG. 2. The components of a provider 
terminal 600 are shown in FIG. 6. The components shown in FIG. 6 are similar to 
FIG. 2 with the exception of the provider component 697. The provider component 
697 may be implemented, for example, using software, such as Java applets. In a step 
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505, the provider component 697 may ask the individual to insert his card into the 
reading and writing device 690. If the card has public and private information, as 
described above, the public information will be immediately available to the provider, 
and the provider may be able to read this information, as shown in a step 510. If the 
provider does not need any other information, such as the private information, the 
process may be complete, as indicated by steps 535 and 540. 

If, however, the provider wants access to the private information, the provider 
may ask the individual to authenticate, as indicated by steps 515 and 520. For 
example, if biometric authentication is being used, the provider component 697 may 
ask the individual to place his finger, for example, on the biometric device 695. The 
captured image will be compared to the authentication token stored on the card and if 
it matches, the provider will be given access to the private information, as indicated by 
steps 525 and 530. Conversely, if the image does not match, the individual may be 
asked to try again. 

If encryption is also being used, after authentication, the private key may be 
used to decrypt the private information before presenting it to the provider. The 
provider may either print and/or transfer the retrieved information to the provider's 
own system. Once the information has been retrieved, the provider component 697 
may instruct the individual to take out his card from the reading and writing device 
290 to indicate that the process is complete, as indicated by steps 535 and 540. 

In another embodiment, after the provider is finished with the treatment, for 
example, the provider may update an individual's card, using the provider component 
697 and the reading and writing device 290. Updating the individual's card will 
ensure that current information about the individual's health is stored on the card. 
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in still another embodiment, as shown in FIG. 7, the provider terminal may be 

connected to the health management system 106 via network 104, for example. One 

advantage of this embodiment is that in addition to updating the information on an 

individual's card, the provider may be able to update the information in the database 

340. Another advantage is that if a card has a limited storage space, a provider may be 

able to access some information from the database 340 after the individual 

authenticates in addition to the information from the card. 

The present invention, as described above, provides several advantages. One 
advantage is that an individual's health records may be managed easily and quickly. 
For example, with the present invention, a provider may not need to ask an individual 
to complete a lengthy form to obtain personal information from the individual because 
such information can be retrieved from the card. As a result, the provider and the 
individual save time and costs are reduced.. 

Another advantage is that since the health information is stored on the card, 
redundant tests may be reduced. For example, as described in the foregoing 
description, because of an individual's unfamiliarity with medical terms, an individual 
may not be able to provide information, such as tests performed, to a new provider. 
As a result, the new provider may perform a test again, a process which may result in 
additional costs for the payer, such as an insurance company. With the present 
invention, however, the new provider will be able to quickly retrieve the individual's 
health information, including tests performed, from the card if the provider is not 
connected to the health management system 1 06 and/or database 340 if the provider is 
connected to the health management system 106 and thus, may not need to perform 
tests again even if the individual is unfamiliar with medical terms. 
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Still another advantage is that in an emergency situation, a provider may be 

able to quickly access an individual's health information to determine, for example, a 
drug that an individual is allergic to by using the individual's card. This is possible as 
long as the information is stored on the card as public information. Moreover, even 
private information may be accessed, for example, by giving a family member of the 
individual access to the private information. Access may be given, for example, by 
placing the authentication token of the individual's family member in addition to 
placing the authentication token of the individual on the card. These and other 
methods of accessing information from the card will be apparent to one skilled in the 
art and are also within the scope of the present invention. 

Yet another advantage of the present invention is that it identifies the 
individual and reduces fraud. For example, with the present invention, an individual 
may not use a relative's payer card to obtain healthcare services from a provider 
because the present invention may require an individual to authenticate to the 
individual's card before any information can be retrieved from it. As a result, unless 
the individual provides his information to someone else, fraud is unlikely. Moreover, 
if biometric authentication is used, the individual will need to authenticate by himself 
and cannot provide such information to another. 

Still another advantage of the present invention is that an individual may use 
the card for other purposes, such as a credit card or a library card. Furthermore, 
another advantage is that if an individual losses his card or a provider losses the 
individual's records, the individual may be able to quickly obtain a new card and the 
provider may be able to quickly obtain a copy of the records by using the health 
management system 106. 
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While the examples given in the foregoing description related to an individual, 

the present invention is not limited to the individual. For example, the present 
invention may be used in a similar manner for the individual's family members, such 
as a spouse. 

It will be apparent to those skilled in the art that various modifications and 
variations can be made in the system and method of the present invention and in 
construction of this invention without departing from the scope or spirit of the 
invention. 

Moreover, other embodiments of the invention will be apparent to those 
skilled in the art from consideration of the specification and practice of the invention 
disclosed herein. It is intended that the specification and examples be considered as 
exemplary only, with a true scope and spirit of the invention being indicated by the 
following claims. 
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WHAT IS CLAIMED IS: 

1 . A method for identifying an individual and managing health 
records of the individual, comprising the steps of: 

storing health data of an individual on a storage medium, 
logging into the storage medium to manage the health data stored on the 
storage medium; and 

managing the health data on the storage medium. 

2. The method of claim 1 , further comprising the step of storing a 
private key associated with a certificate of the individual on the storage medium. 

3. The method of claim 2, wherein the health data includes public and 
private health data. 

4. The method of claim 3, wherein the step of storing health data of an 
individual on a storage medium includes the step of encrypting the private health data 
with the private key. 

5. The method of claim 4, wherein the step of managing includes 
decrypting the private health data with the private key. 

6. The method of claim 1 , wherein the step of logging into the storage 
medium to manage the health data stored on the storage medium includes the steps of: 

receiving authentication data from the individual; 
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comparing authentication data received from the individual with authentication 

data stored on the storage medium; and 

ensuring that the authentication data received from the individual matches with 

authentication data stored on the storage medium. 

7. The method of claim 6, wherein the authentication data may be 
chosen from user name and password and user name and biometric. 

8. The method of claim 1 , wherein the step of managing includes 
accessing and updating the health data. 

9. A system for identifying an individual and managing health records 
of the individual, comprising: 

means for storing health data of an individual on a storage medium, 
means for logging into the storage medium to manage the health data stored on 
the storage medium; and 

means for managing the health data on the storage medium. 

10. The system of claim 9, further comprising means for storing a 
private key associated with a certificate of the individual on the storage medium. 

1 1 . The system of claim 1 0, wherein the health data includes public 
and private health data. 
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12. The system of claim 11, wherein the means for storing health data 

of an individual on a storage medium includes encrypting the private health data with 
the private key. 



computer to perform a method for identifying an individual and managing health 

records of the individual, comprising the steps of: 

storing health data of an individual on a storage medium, 

logging into the storage medium to manage the health data stored on the 

storage medium; and 

managing the health data on the storage medium. 

14. The computer-readable medium of claim 13, further comprising the 

step of storing a private key associated with a certificate of the individual on the 
storage medium. 



13. 



A computer-readable medium containing instructions for causing a 



15. 



The computer-readable medium of claim 14, wherein the health 



data includes public and private health data. 



16. The computer-readable medium of claim 1 5, wherein the step of 

storing health data of an individual on a storage medium includes the step of 
encrypting the private health data with the private key. 



17. 



The computer-readable medium of claim 16, wherein the step of 
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managing includes decrypting the private health data with the private key. 



1 8. The computer-readable medium of claim 1 3, wherein the step of 
logging into the storage medium to manage the health data stored on the storage 
medium includes the steps of: 

receiving authentication data from the individual; 

comparing authentication data received from the individual with authentication 
data stored on the storage medium; and 

ensuring that the authentication data received from the individual matches with 
authentication data stored on the storage medium. 

19. The computer-readable medium of claim 1 8, wherein the 
authentication data may be chosen from user name and password and user name and 
biometric. 

20. The computer-readable medium of claim 1 3, wherein the step of 
managing includes accessing and updating the health data. 

2 1 . The method of claim 1 , wherein the storage medium is chosen from 
a smart card and a magnetic stripe card. 

22. The method of claim 2 1 , wherein the storage medium may be used 
as a credit card. 
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23 . The system of claim 9, wherein the storage medium is chosen from 

a smart card and a magnetic stripe card. 



24. The system of claim 23, wherein the storage medium may be used 
as a credit card. 

25. The computer-readable medium of claim 1 3, wherein the storage 
medium is chosen from a smart card and a magnetic stripe card. 

26. The computer-readable medium of claim 25, wherein the storage 
medium may be used as a credit card. 
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